CVE-2006-5395

Microsoft Class Package Export Tool - Buffer Overflow

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-5395. PoCs published by mmd_000.

AI-analyzed exploit summary This exploit demonstrates a local buffer overflow in Microsoft Class Package Export Tool ('clspack.exe') by supplying an excessively long argument, which can lead to arbitrary code execution in the context of the user running the application.

Description

Buffer overflow in Microsoft Class Package Export Tool (aka clspack.exe) allows context-dependent attackers to execute arbitrary code via a long string. NOTE: the provenance of this information is unknown; the details are obtained from third party information.

Exploits (1)

exploitdb WORKING POC VERIFIED
by mmd_000 · textdoswindows
https://www.exploit-db.com/exploits/28822

This exploit demonstrates a local buffer overflow in Microsoft Class Package Export Tool ('clspack.exe') by supplying an excessively long argument, which can lead to arbitrary code execution in the context of the user running the application.

Classification
Working Poc 90%
Attack Type
Lpe
Complexity
Trivial
Reliability
Reliable
Target: Microsoft Class Package Export Tool (clspack.exe)
No auth needed
Prerequisites: Local access to the target system · Presence of 'clspack.exe' in the system
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/39975
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/20561

Scores

EPSS 0.0815
EPSS Percentile 94.2%

Details

Status published
Products (1)
microsoft/class_package_export_tool 5.0.2752
Published Oct 18, 2006
Tracked Since Feb 18, 2026